Web application firewall

A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application's known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration.[1] Most of the major financial institutions utilize WAFs to help in the mitigation of web application 'zero-day' vulnerabilities,[citation needed] as well as hard to patch bugs or weaknesses through custom attack signature strings.[2]

  1. ^ "Web Application Firewall". TechTarget. Retrieved 10 April 2018.
  2. ^ Sense Defence Web Securityhttps://resources.sensedefence.com/revolutionising-web-security-with-comprehensive-web-application-protection-platform-cwapp